Recent developments in standards and industry solutions for cyber security and secure remote access to electrical substations

Abstract

This paper discusses real world examples of utility initiatives to address the issue of substation cyber security in the context of both industry best practices and the global standards organizations seeking to provide a blueprint for security implantation. The authors provide an overview of existing technologies for securing IP and Ethernet communications networks and end devices. One of the aspects helping secure access to utility networks are centralized secure access management systems that facilitate authentication and authorization of users and devices while increasing productivity by reducing manually repetitive tasks. A commercial implementation of such a system is described. The authors also provide a brief overview of the latest industry efforts in standardization and describe selected focus groups, initiatives and institutions that are developing cyber security guidance for the electric power industry. Finally the authors describe practical experience from deploying a secure remote access management system at a large transmission utility in the United Kingdom. Key challenges, issues and experience from system design and implementation are presented. (8 pages)